RE: [Yaffs] Permission denied when non-root

Author: Charles Manning
Date:  
To: Luc Van Oostenryck, yaffs
Subject: RE: [Yaffs] Permission denied when non-root
Do people prefer this the way it is or should the default permissions be
changed?

The way I see it, the current setup is perhaps more secure by default
(i.e. the permissions can be opened up after mount, in a controlled way).

Whatever people prefer, I'm happy with.

-- Charles




> -----Original Message-----
> From:
> [mailto:yaffs-admin@stoneboat.aleph1.co.uk] On Behalf Of Luc
> Van Oostenryck
> Sent: Monday, 7 February 2005 2:24 a.m.
> To:
> Subject: Re: [Yaffs] Permission denied when non-root
>
>
> Karl Olsen wrote:
> > Hello all,
> >
> > I am having a problem with switching to a non-root user on my
> > AT91RM9200-based ARM system. I am using Linux 2.6.10 with the
> > AT91RM9200 patch from http://maxim.org.za/AT91RM9200/2.6/ (fixed so
> > that NAND support works) and the Yaffs patches by Frank Rowand, and a
> > statically linked Busybox 1.00. / is on a Yaffs partition.
> >
> > # mount
> > /dev/mtdblock1 on / type yaffs (rw,noatime)
> > /dev/mtdblock0 on /boot type yaffs (ro,noatime)
> > none on /proc type proc (rw,nodiratime)
> >
> > Everything works fine when I'm root, and I can run Busybox commands
> > and read and write files. But when I do a "su karl" it says:
> >
> > / # su karl
> > su: cannot run /bin/sh: Permission denied
> >
> > /etc/passwd contains:
> > root:x:0:0:root:/root:/bin/sh
> > karl:x:500:100:KarlOlsen:/home/karl:/bin/sh
> >
> > # ls -l -d /bin
> > drwxr-xr-x    1 root     root          512 Jan  1 00:00 bin

> >
> > /bin/sh is a symlink pointing to /bin/busybox:
> > -rwxrwxrwx    1 root     root       438260 Jan  1 00:00 busybox

> >
> > I have tried replacing /bin/sh in /etc/passwd with other commands, but
> > I always get the Permission denied. The Busybox source shows that it
> > successfully changes identity to uid=500 and gid=100 and cd's to my
> > home directory but fails at the execv() that tried to run /bin/sh.
> >
> > I tried the same with an initrd with romfs, and with that, it worked.
> > But romfs doesn't seem to implement uid and gid for its
> > files/directories.
> >
> > Does anybody know if this problem can be related to Yaffs? Does the
> > Yaffs filesystem have (hidden) mount options that can deny execution
> > for non-root?
>
> Yes and no: the default permissions for the yaffs root directory
> are 0666, thus the directory is not accessible for non-root.
> Changing the permissions of the root dir to 0777 (or better,
> to 0755) cures the problem until the next reboot.
>
> The following patch solves the problem permanently:
> ----
> diff -r1.14 yportenv.h
> 102c102
> < #define YAFFS_ROOT_MODE                               0666
> ---
> > #define YAFFS_ROOT_MODE                               0755
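
Review bot: the new value at 102c102 is a bare octal literal on `#define YAFFS_ROOT_MODE` with no comment saying why 0755 was chosen, so the next reader cannot tell it from the 0666 it replaces. A one-line comment would help: a directory needs the search (x) bit to be traversed, 0666 grants it to no class, and 0755 adds it for everyone while withholding write from group and other, which is narrower on write than the old default. Wrapping the define in an #ifndef guard would also let a port that wants a different root mode set it at build time instead of editing yportenv.h.
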
> ----

>
> > Regards,
> > Karl Olsen
>
>
> Luc Van Oostenryck
>
>
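
The failure discussed in this thread can be reproduced on paper by walking the path the way the kernel does and checking the search (x) bit on every directory. The following is an added example, not code from the thread or from Yaffs; `allowed`, `first_denied` and `thread_tree` are hypothetical names, the stat table is constructed from the listing Karl posted, and only classic mode bits are modelled (no ACLs, capabilities or LSMs).

```python
import os
import stat
from types import SimpleNamespace


def allowed(st, uid, gids, want=0o1):
    """Classic Unix check: exactly one class (owner, group, other) applies."""
    if uid == 0:
        # Root bypasses directory search checks; running a file still
        # needs at least one execute bit somewhere in its mode.
        return stat.S_ISDIR(st.st_mode) or bool(st.st_mode & 0o111)
    if uid == st.st_uid:
        shift = 6
    elif st.st_gid in gids:
        shift = 3
    else:
        shift = 0
    return bool((st.st_mode >> shift) & want)


def first_denied(path, uid, gids, stat_fn=os.stat):
    """Return the first component of absolute `path` that stops `uid`
    from executing it, or None if every component permits it."""
    current = "/"
    for name in (p for p in path.split("/") if p):
        # x on a directory means "may look up names inside it".
        if not allowed(stat_fn(current), uid, gids):
            return current
        current = os.path.join(current, name)
    # x on the final component means "may execute" (or search, if a dir).
    return None if allowed(stat_fn(current), uid, gids) else current


def thread_tree(root_mode):
    """Constructed stat table mirroring the thread: everything root:root,
    /bin is 0755, /bin/busybox is 0777, and / has the mode under test."""
    modes = {
        "/": stat.S_IFDIR | root_mode,
        "/bin": stat.S_IFDIR | 0o755,
        "/bin/busybox": stat.S_IFREG | 0o777,
    }
    return lambda p: SimpleNamespace(st_mode=modes[p], st_uid=0, st_gid=0)


if __name__ == "__main__":
    for mode in (0o666, 0o755):
        blocker = first_denied("/bin/busybox", 500, {100}, thread_tree(mode))
        print(f"root dir {mode:04o}: uid 500 blocked at {blocker!r}")
```

With the default `stat_fn` the same function can be pointed at a real path on a target to find which directory is missing the search bit.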